public string GetFromUserName(DatabaseConnection dbConn)
{
if (string.IsNullOrEmpty(InboxFromUserName))
{
if (InboxFromUserID.Equals(0))
{
return("SYSTEM");
}
EUser user = new EUser();
user.UserID = InboxFromUserID;
if (EUser.db.select(dbConn, user))
{
if (string.IsNullOrEmpty(user.UserName))
{
return(user.LoginID);
}
else
{
return(user.UserName);
}
}
else
{
return(InboxFromUserID.ToString());
}
}
else
{
return(InboxFromUserName);
}
}
public static EUser GetObject(DatabaseConnection dbConn, object ID)
{
if (ID is int)
{
EUser obj = new EUser();
obj.UserID = (int)ID;
if (db.select(dbConn, obj))
{
return(obj);
}
}
return(null);
}
protected void Page_Init(object sender, EventArgs e)
{
Session["LastURL"] = Request.Url.PathAndQuery;
user = WebUtils.GetCurUser(Session);
//WebUtils.SetSessionLanguage(Session, user);
lblVersionNo.Text = ProductVersion.CURRENT_PROGRAM_VERSION;
HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
if (productLicense != null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.iMGR)
{
Page.Title = "iMGR";
lblCopyrightCompanyName.Text = "iGlobe Technology Limited";
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Application["MasterDBConfig"] != null)
{
masterDBConn = ((DatabaseConfig)Application["MasterDBConfig"]).CreateDatabaseConnectionObject();
}
else
{
Response.Redirect("~/AccessDeny.aspx");
}
IsAllowEdit = WebUtils.CheckPermission(Session, FUNCTION_CODE, WebUtils.AccessLevel.ReadWrite);
if (Session["CompanyDBID"] != null)
{
CurID = (int)Session["CompanyDBID"];
}
CompanyDBID.Value = CurID.ToString();
sbinding = new SearchBinding(masterDBConn, sdb);
sbinding.initValues("HSBCExchangeProfileID", null, EHSBCExchangeProfile.VLRemoteProfileList, ci);
sbinding.init(DecryptedRequest, null);
info = ListFooter.ListInfo;
string tmpDateTimeString = ESystemParameter.getParameter(masterDBConn, ESystemParameter.PARAM_CODE_BANKFILE_LAST_CANCEL_TIME);
if (!DateTime.TryParseExact(tmpDateTimeString, "HH:mm", null, System.Globalization.DateTimeStyles.None, out bankFileLastCancelTime))
{
bankFileLastCancelTime = new DateTime();
}
currentUser = WebUtils.GetCurUser(Session);
if (currentUser != null)
{
DBFilter signatureFilter = new DBFilter();
signatureFilter.add(new Match("UserID", currentUser.UserID));
if (HROne.Lib.Entities.EeChannelAuthorizedSignature.db.count(dbConn, signatureFilter) > 0)
{
isAuthorizer = true;
}
}
}
public bool IsAllowSubmitPermission(DatabaseConnection dbConn, int ActiveUserID)
{
DBFilter filter = new DBFilter();
filter.add(new Match("UserID", m_UserID));
ArrayList userGroupPermissionList = new ArrayList();
{
ArrayList userGroupAccessList = EUserGroupAccess.db.select(dbConn, filter);
foreach (EUserGroupAccess userGroupAccess in userGroupAccessList)
{
userGroupPermissionList.Add(userGroupAccess.UserGroupID);
}
}
ArrayList companyPermissionList = new ArrayList();
{
ArrayList userCompanyList = EUserCompany.db.select(dbConn, filter);
foreach (EUserCompany userCompany in userCompanyList)
{
companyPermissionList.Add(userCompany.CompanyID);
}
}
ArrayList rankPermissionList = new ArrayList();
{
ArrayList userRankList = EUserRank.db.select(dbConn, filter);
foreach (EUserRank userRank in userRankList)
{
rankPermissionList.Add(userRank.RankID);
}
}
// Start 0000069, KuangWei, 2014-08-26
ArrayList payrollGroupPermissionList = new ArrayList();
{
ArrayList payrollGroupUsersList = EPayrollGroupUsers.db.select(dbConn, filter);
foreach (EPayrollGroupUsers payrollGroupUsers in payrollGroupUsersList)
{
payrollGroupPermissionList.Add(payrollGroupUsers.PayGroupID);
}
}
return(EUser.IsAllowSubmitPermission(dbConn, ActiveUserID, companyPermissionList, userGroupPermissionList, rankPermissionList, payrollGroupPermissionList));
// End 0000069, KuangWei, 2014-08-26
}
protected void ResetLoginIDPasswordWithRandomKey(ECompanyDatabase obj, bool skipResetLoginID)
{
DatabaseConnection companyDBConn;
try
{
companyDBConn = new DatabaseConnection(obj.getConnectionString(dbConn), DatabaseConnection.DatabaseType.MSSQL);
}
catch (Exception ex)
{
throw new Exception("Fail to connect to database");
}
HROne.Lib.Entities.EUser user = new HROne.Lib.Entities.EUser();
user.UserID = 1;
if (HROne.Lib.Entities.EUser.db.select(companyDBConn, user))
{
string randomPharse = RandomString(16);
if (!skipResetLoginID)
{
obj.CompanyDBResetDefaultUserLoginID = randomPharse.Substring(0, 8);
}
else
{
obj.CompanyDBResetDefaultUserLoginID = user.LoginID;
}
obj.CompanyDBResetDefaultUserPassword = randomPharse.Substring(8);
user.LoginID = obj.CompanyDBResetDefaultUserLoginID;
user.UserPassword = HROne.CommonLib.Hash.PasswordHash(obj.CompanyDBResetDefaultUserPassword);
user.UserAccountStatus = "A";
user.UserChangePassword = true;
user.FailCount = 0;
HROne.Lib.Entities.EUser.db.update(companyDBConn, user);
DBFilter SystemFunctionFilter = new DBFilter();
SystemFunctionFilter.add(new IN("FunctionCode", "'SEC001', 'SEC002'", null));
ArrayList systemFunctionList = HROne.Lib.Entities.ESystemFunction.db.select(companyDBConn, SystemFunctionFilter);
foreach (HROne.Lib.Entities.ESystemFunction function in systemFunctionList)
{
DBFilter userGroupFunctionFilter = new DBFilter();
userGroupFunctionFilter.add(new Match("FunctionID", function.FunctionID));
userGroupFunctionFilter.add(new Match("FunctionAllowWrite", true));
DBFilter userGroupAccessFilter = new DBFilter();
userGroupAccessFilter.add(new Match("UserID", user.UserID));
userGroupAccessFilter.add(new IN("UserGroupID", "SELECT ugf.UserGroupID FROM " + HROne.Lib.Entities.EUserGroupFunction.db.dbclass.tableName + " ugf", userGroupFunctionFilter));
if (HROne.Lib.Entities.EUserGroupAccess.db.count(companyDBConn, userGroupAccessFilter) <= 0)
{
ArrayList UserGroupFunctionList = HROne.Lib.Entities.EUserGroupFunction.db.select(companyDBConn, userGroupFunctionFilter);
if (UserGroupFunctionList.Count > 0)
{
HROne.Lib.Entities.EUserGroupAccess access = new HROne.Lib.Entities.EUserGroupAccess();
access.UserID = user.UserID;
access.UserGroupID = ((HROne.Lib.Entities.EUserGroupFunction)UserGroupFunctionList[0]).UserGroupID;
HROne.Lib.Entities.EUserGroupAccess.db.insert(companyDBConn, access);
}
}
}
ECompanyDatabase.db.update(dbConn, obj);
}
else
{
throw new Exception("Default User does not appear on company database");
}
}
public string GetLogText(DatabaseConnection dbConn, string EmpNoFilter, bool ShowHeaderOnly, bool ShowKeyIDOnly, bool DoNotConvertID)
{
StringBuilder logTextBuilder = new StringBuilder();
bool skipGenerateLog = false;
DBFilter auditTrailDetailFilter = new DBFilter();
auditTrailDetailFilter.add(new Match("AuditTrailID", this.AuditTrailID));
ArrayList auditTrailDetailList = EAuditTrailDetail.db.select(dbConn, auditTrailDetailFilter);
int empID = this.EmpID;
if (!string.IsNullOrEmpty(EmpNoFilter.Trim()))
{
if (empID.Equals(0))
{
foreach (EAuditTrailDetail auditTrailDetail in auditTrailDetailList)
{
string tmpRemark = auditTrailDetail.Remark.Replace(" ", "");
int pos = tmpRemark.IndexOf("\nEmpID=", StringComparison.CurrentCultureIgnoreCase);
if (pos >= 0)
{
string empIDString = tmpRemark.Substring(pos + 1, tmpRemark.IndexOf("\n", pos + 1) - pos);
empID = int.Parse(empIDString.Substring(empIDString.IndexOf("=") + 1));
}
}
}
EEmpPersonalInfo empInfo = new EEmpPersonalInfo();
empInfo.EmpID = empID;
if (EEmpPersonalInfo.db.select(dbConn, empInfo))
{
if (empInfo.EmpNo.IndexOf(EmpNoFilter.Trim(), StringComparison.CurrentCultureIgnoreCase) < 0)
{
skipGenerateLog = true;
}
}
else
{
skipGenerateLog = true;
}
}
if (!skipGenerateLog)
{
ESystemFunction function = new ESystemFunction();
function.FunctionID = this.FunctionID;
if (ESystemFunction.db.select(dbConn, function))
{
logTextBuilder.AppendLine(string.Empty.PadLeft(78, '-'));
EUser user = new EUser();
user.UserID = this.UserID;
if (EUser.db.select(dbConn, user))
{
logTextBuilder.AppendLine("User : \t" + user.LoginID + " - " + user.UserName);
}
else if (this.UserID.Equals(0))
{
logTextBuilder.AppendLine("User : \t" + "System");
}
else
{
logTextBuilder.AppendLine("User : \t" + this.UserID + " (Unknown)");
}
logTextBuilder.AppendLine("Function : \t" + function.FunctionCode + " - " + function.Description);
logTextBuilder.AppendLine("Date/Time: \t" + this.CreateDate.ToString("yyyy-MM-dd HH:mm:ss"));
if (!this.EmpID.Equals(0))
{
EEmpPersonalInfo empInfo = new EEmpPersonalInfo();
empInfo.EmpID = this.EmpID;
if (EEmpPersonalInfo.db.select(dbConn, empInfo))
{
logTextBuilder.AppendLine("Employee : \t" + empInfo.EmpNo + " - " + empInfo.EmpEngFullName);
}
}
logTextBuilder.AppendLine(string.Empty.PadLeft(78, '-'));
if (!ShowHeaderOnly)
{
foreach (EAuditTrailDetail auditTrailDetail in auditTrailDetailList)
{
if ((auditTrailDetail.Remark.Replace(" ", "").IndexOf("EmpID=" + empID, StringComparison.CurrentCultureIgnoreCase) >= 0 || this.EmpID.Equals(empID)) && !string.IsNullOrEmpty(EmpNoFilter.Trim()) || string.IsNullOrEmpty(EmpNoFilter.Trim()))
{
logTextBuilder.Append(auditTrailDetail.GetLogText(dbConn, ShowKeyIDOnly, DoNotConvertID));
}
}
}
}
//logTextBuilder.AppendLine(string.Empty);
}
return(logTextBuilder.ToString());
}
//public bool ValidateUser(string username, string encryptedPassword)
//{
// string message = string.Empty;
// DBFilter filter = new DBFilter();
// filter.add(new Match("LoginID", username));
// filter.add(new Match("UserAccountStatus", "<>", "D"));
// ArrayList list = EUser.db.select(dbConn, filter);
// if (list.Count == 0)
// {
// message = "Invalid User Name or Password";
// throw new Exception(message);
// return;
// }
// EUser user = (EUser)list[0];
// if (user.UserPassword == null)
// user.UserPassword = "";
// if (!(user.UserAccountStatus == "A"))
// {
// message = "Account is Inactive/Locked";
// throw new Exception(message);
// return;
// }
// if (!user.UserPassword.Equals(encryptedPassword))
// {
// message = "Invalid User Name or Password";
// user.FailCount++;
// string maxFailCountParameterString = ESystemParameter.getParameter(ESystemParameter.PARAM_CODE_LOGIN_MAX_FAIL_COUNT);
// if (!maxFailCountParameterString.Equals(string.Empty))
// {
// int MaxFailCount = 0;
// if (int.TryParse(maxFailCountParameterString, out MaxFailCount))
// if (MaxFailCount > 0)
// if (user.FailCount >= MaxFailCount)
// {
// user.UserAccountStatus = "I";
// user.FailCount = 0;
// }
// else if (user.FailCount - MaxFailCount == 1)
// {
// message += "\r\n" + "The account will be locked if you fail to login 1 more time";
// }
// }
// EUser.db.update(dbConn, user);
// throw new Exception(message);
// return;
// }
// Session["User"] = user;
// WebUtils.SetSessionLanguage(Session, user);
// user.FailCount = 0;
// EUser.db.update(dbConn, user);
// //WebUtils.RefreshPermission(Session);
// bool isForceChangePassword = false;
// if (user.UserChangePasswordUnit == "D")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddDays(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else if (user.UserChangePasswordUnit == "M")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddMonths(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else if (user.UserChangePasswordUnit == "Y")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddYears(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else
// isForceChangePassword = false;
// if (user.UserChangePassword)
// isForceChangePassword = true;
// //EInbox.GenerateInboxMessage(user.UserID);
// if (isForceChangePassword)
// Session["ForceChangePassword"] = true;
// if (Session["LastURL"] != null)
// Response.Redirect(Session["LastURL"].ToString());
// else
// HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "Emp_List.aspx");
//}
protected void Login_Click(object sender, EventArgs e)
{
HROne.Lib.Entities.EUser user = null;
Session.Clear();
HROne.DataAccess.DatabaseConnection mainDBConn = null;
HROne.SaaS.Entities.ECompanyDatabase companyDB = null;
bool hasError = false;
string message = string.Empty;
// always check whether companyDB exists after click
if (Application["MasterDBConfig"] != null)
{
DatabaseConfig masterDBConfig = (DatabaseConfig)Application["MasterDBConfig"];
HROne.DataAccess.DatabaseConnection masterDBConn = masterDBConfig.CreateDatabaseConnectionObject();
DBFilter companyDatabaseFilter = new DBFilter();
companyDatabaseFilter.add(new Match("CompanyDBClientCode", txtCustomerID.Text));
ArrayList companyDatabaseList = HROne.SaaS.Entities.ECompanyDatabase.db.select(masterDBConn, companyDatabaseFilter);
if (companyDatabaseList.Count > 0)
{
companyDB = (HROne.SaaS.Entities.ECompanyDatabase)companyDatabaseList[0];
DatabaseConfig tempDBConfig = new DatabaseConfig();
tempDBConfig.ConnectionString = companyDB.getConnectionString(masterDBConn);
tempDBConfig.DBType = WebUtils.DBTypeEmun.MSSQL;
if (tempDBConfig.TestConnection())
{
mainDBConn = tempDBConfig.CreateDatabaseConnectionObject();
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTKEY, companyDB.CompanyDBProductKey);
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTFEATURECODE, companyDB.getProductFeatureCode(masterDBConn));
string[] smtpParameterList = new string[]
{
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SERVER_NAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PORT,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_USERNAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_ENABLE_SSL,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SMTP_OUTGOING_EMAIL_ADDRESS
};
foreach (string smptParameter in smtpParameterList)
{
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, smptParameter, HROne.SaaS.Entities.ESystemParameter.getParameter(masterDBConn, smptParameter));
}
HROne.Lib.Entities.ESystemParameter.setParameterWithEncryption(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD
, HROne.SaaS.Entities.ESystemParameter.getParameterWithEncryption(masterDBConn, HROne.SaaS.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD));
}
else
{
if (HROne.DataAccess.DBAESEncryptStringFieldAttribute.InvalidRSAKey)
{
HttpRuntime.UnloadAppDomain();
}
}
}
}
else
{
mainDBConn = WebUtils.GetDatabaseConnection();
if (mainDBConn == null)
{
if (multiDBRow.Visible)
{
int idx;
if (int.TryParse(cboDatabase.SelectedValue, out idx))
{
HROneConfig config = HROneConfig.GetCurrentHROneConfig();
DatabaseConfig dbconfig = config.DatabaseConfigList[idx];
if (dbconfig.TestConnection())
{
mainDBConn = dbconfig.CreateDatabaseConnectionObject();
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"Fail to connect database\");", true);
return;
}
}
}
}
}
if (mainDBConn != null)
{
WebUtils.SetSessionDatabaseConnection(Session, mainDBConn);
}
HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
if (productLicense != null)
{
if (companyDB == null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.HROneSaaS)
{
productLicense.LoadProductKey(string.Empty);
}
}
if (mainDBConn == null && companyDB != null)
{
hasError = true;
message = "Fail to connect to database. Please contact to customer service.";
}
if (!hasError)
{
try
{
WebUtils.ValidateUser(mainDBConn, Username.Text, HROne.CommonLib.Hash.PasswordHash(Password.Text), true, true, out user);
}
catch (Exception ex)
{
hasError = true;
message = ex.Message;
}
// Check the database status after login is verified
if (companyDB != null && !hasError)
{
if (!companyDB.CompanyDBIsActive)
{
hasError = true;
message = "Subscribed service has been expired; please contact customer service hotline for assistant.";
}
}
if (!hasError)
{
// Create Login Audit for successfully login
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), false, string.Empty);
Session["LoginID"] = user.LoginID;
Session["PasswordEncrypted"] = user.UserPassword;
if (companyDB != null)
{
Session["CompanyDBID"] = companyDB.CompanyDBID;
}
if (mainDBConn is HROne.DataAccess.DatabaseConnectionWithAudit)
{
((HROne.DataAccess.DatabaseConnectionWithAudit)mainDBConn).UserID = user.UserID;
}
WebUtils.SetSessionLanguage(Session, user);
//WebUtils.RefreshPermission(Session);
bool isForceChangePassword = false;
if (user.UserChangePasswordUnit == "D")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddDays(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else if (user.UserChangePasswordUnit == "M")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddMonths(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else if (user.UserChangePasswordUnit == "Y")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddYears(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else
{
isForceChangePassword = false;
}
if (user.UserChangePassword)
{
isForceChangePassword = true;
}
//EInbox.GenerateInboxMessage(user.UserID);
if (isForceChangePassword)
{
Session["ForceChangePassword"] = true;
}
WebUtils.SetSessionLanguage(Session, WebUtils.GetCurUser(Session));
//RegenerateSessionId();
HROne.Lib.Entities.EInbox.DeleteAllDeletedUserID(mainDBConn);
HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "~/Default.aspx?LastURL=" + DecryptedRequest["LastURL"]);
}
}
// Remove all item for release session
Session.Clear();
Request.Cookies.Remove(HROne.Common.WebUtility.getDefaultSessionCookieName());
//if (companyDB != null)
//{
// Session.Remove("DatabaseConnection");
//}
{
// Create Login Audit for fail login
if (user != null)
{
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
else
{
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, 0, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
message = message.Replace("\\", "\\\\").Replace("\r", "\\r").Replace("\n", "\\n").Replace("\"", "\\\"");
message = message.Replace(HROne.Common.WebUtility.GetLocalizedString("validate.prompt"), "");
ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"" + message + "\");", true);
System.Threading.Thread.Sleep(1000);
}
}